tokfandomcom-20200215-history
SWIFT
The Society for Worldwide Interbank Financial Telecommunication (SWIFT), legally S.W.I.F.T. SCRL, provides a network that enables s worldwide to send and receive information about s in a secure, standardized and reliable environment. SWIFT also sells and services to financial institutions, much of it for use on the SWIFTNet network, and . Business Identifier Codes (BICs, previously Bank Identifier Codes) are popularly known as "SWIFT codes". As of 2018, around half all high-value cross-border payments worldwide used the SWIFT network. , SWIFT linked more than 11,000 financial institutions in more than 200 countries and territories, who were exchanging an average of over 32 million messages per day (compared to an average of 2.4 million daily messages in 1995). SWIFT transports financial messages in a highly secure way but does not hold accounts for its members and does not perform any form of or . SWIFT does not facilitate funds transfer: rather, it sends s, which must be settled by s that the institutions have with each other. Each financial institution, to exchange banking transactions, must have a banking relationship by either being a bank or affiliating itself with one (or more) so as to enjoy those particular business features. SWIFT has been criticized for its inefficiency, with the Financial Times observing in 2018 that transfers frequently "pass through multiple banks before reaching their final destination, making them time-consuming, costly and lacking transparency on how much money will arrive at the other end." At the time its market dominance was described as being challenged by technology, such as , although SWIFT argued that the scalability issues of blockchain solutions remained unsolved, confining them to bilateral and intra-bank applications. SWIFT has introduced its own improved service, called "Global Payments Innovation" (GPI), stating that as of 2018 it had been adopted by 165 banks, and was completing half of its payments in under 30 minutes. SWIFT is a under law owned by its member financial institutions with offices around the world. SWIFT's headquarters, designed by , are in , Belgium, near . The chairman of SWIFT is Yawar Shah, originally from , and its is Javier Pérez-Tasso, originally from . SWIFT hosts an annual conference, called , specifically aimed at the industry. Since July 2019, the CEO has been Javier Pérez-Tasso. SWIFT has at various times attracted controversy for enabling the US government to monitor and in some cases interfere with intra-European transactions. (See: ) History SWIFT was founded in in 1973 under the leadership of its inaugural CEO, (1973–1989), and was supported by 239 banks in fifteen countries. It started to establish for financial transactions and a shared data processing system and worldwide communications network designed by and developed by the . Fundamental , rules for , etc., were established in 1975 and the first message was sent in 1977. SWIFT's first United States operating center was inaugurated by Governor of Virginia in 1979. Standards SWIFT has become the industry standard for in financial messages. Messages formatted to SWIFT standards can be read by, and processed by, many well-known financial processing systems, whether or not the message traveled over the SWIFT network. SWIFT cooperates with international organizations for defining standards for message format and content. SWIFT is also (RA) for the following standards: * : 1994 Banking—Banking telecommunication messages—Bank identifier codes * : 2003 Securities and related financial instruments—Codes for exchanges and market identification (MIC) * : 2003 Registry * : 1999 Securities—Scheme for messages (Data Field Dictionary) (replaces ISO 7775) * -1: 2004 and ISO 20022-2:2007 Financial services—Universal Financial Industry message scheme In 3615 urn:swift: was defined as s (URNs) for SWIFT FIN. Operations centers The SWIFT secure messaging network is run from three s, one in the , one in the and one in . These centers share information in . In case of a failure in one of the data centers, the other is able to handle the traffic of the complete network. SWIFT uses s to transmit its data. SWIFT opened its third data center in in 2009. In the same year SWIFT introduced new distributed architecture with two messaging zones: European and Trans-Atlantic, so data from European SWIFT members are no longer mirrored to the U.S. data center. European zone messages are stored in the Netherlands and in a part of the Switzerland operating center; Trans-Atlantic zone messages are stored in the United States and in a part of the Switzerland operating center that is segregated from the European zone messages. Countries outside of Europe were by default allocated to the Trans-Atlantic zone but could choose to have their messages stored in the European zone. SWIFTNet network SWIFT moved to its current IP network infrastructure, known as SWIFTNet, from 2001 to 2005, providing a total replacement of the previous infrastructure. The process involved the development of new protocols that facilitate efficient messaging, using existing and new message standards. The adopted technology chosen to develop the protocols was , where it now provides a wrapper around all messages legacy or contemporary. The communication protocols can be broken down into: InterAct *SWIFTNet InterAct Realtime *SWIFTNet InterAct Store and Forward FileAct * SWIFTNet FileAct Realtime * SWIFTNet FileAct Store and Forward Browse * SWIFTNet Browse Architecture SWIFT provides a centralized store-and-forward mechanism, with some transaction management. For bank A to send a message to bank B with a copy or authorization with institution C, it formats the message according to standard and securely sends it to SWIFT. SWIFT guarantees its secure and reliable delivery to B after the appropriate action by C. SWIFT guarantees are based primarily on high redundancy of hardware, software, and people. SWIFTNet Phase 2 During 2007 and 2008, the entire SWIFT Network migrated its infrastructure to a new protocol called SWIFTNet Phase 2. The main difference between Phase 2 and the former arrangement is that Phase 2 requires banks connecting to the network to use a instead of the former (BKE) system. According to SWIFT's public information database on the subject, RMA software should eventually prove more secure and easier to keep up-to-date; however, converting to the RMA system meant that thousands of banks around the world had to update their international payments systems to comply with the new standards. RMA completely replaced BKE on 1 January 2009. Products and interfaces SWIFT means several things in the financial world: # a for transmitting messages between financial institutions; # a set of syntax standards for financial messages (for transmission over SWIFTNet or any other network) # a set of connection software and services allowing financial institutions to transmit messages over SWIFT network. Under 3 above, SWIFT provides solutions for members, consisting of to facilitate connectivity to the SWIFT network and which members use to manage the delivery and receipt of their messages. Some of the more well-known interfaces and CBTs provided to their members are: * SWIFTNet Link (SNL) software which is installed on the SWIFT customer's site and opens a connection to SWIFTNet. Other applications can only communicate with SWIFTNet through the SNL. * Alliance Gateway (SAG) software with interfaces (e.g., RAHA = Remote Access Host Adapter), allowing other software products to use the SNL to connect to SWIFTNet * Alliance WebStation (SAB) desktop interface for SWIFT Alliance Gateway with several usage options: :# administrative access to the SAG :# direct connection SWIFTNet by the SAG, to administrate SWIFT Certificates :# so-called Browse connection to SWIFTNet (also by SAG) to use additional services, for example Target2 * Alliance Access (SAA) and Alliance Messaging Hub (AMH) are the main messaging software applications by SWIFT, which allow message creation for , routing and monitoring for FIN and . The main interfaces are FTA (files transfer automated, not FTP) and MQSA, a interface. * The Alliance Workstation (SAW) is the desktop software for administration, monitoring and FIN message creation. Since Alliance Access is not yet capable of creating MX messages, Alliance Messenger (SAM) has to be used for this purpose. * Alliance Web Platform (SWP) as new thin-client desktop interface provided as an alternative to existing Alliance WebStation, Alliance Workstation (soon) and Alliance Messenger. * Alliance Integrator built on 's which enables customer's back office applications to connect to Alliance Access or Alliance Entry. * Alliance Lite2 is a secure and reliable, cloud-based way to connect to the SWIFT network which is a light version of Alliance Access specifically targeting customers with low volume of traffic. ; Services There are four key areas that SWIFT services fall under in the financial marketplace: , & , and . Securities * SWIFTNet FIX (obsolete) * SWIFTNet Data Distribution * SWIFTNet Funds * SWIFTNet Accord for Securities (end of life October 2017) Treasury & Derivatives * SWIFTNet Accord for Treasury (end of life October 2017) * SWIFTNet Affirmations * SWIFTNet CLS Third Party Service Cash Management * SWIFTNet Bulk Payments * SWIFTNet Cash Reporting * SWIFTNet Exceptions and Investigations Trade Services * SWIFTNet SWIFTREF Swift Ref, the global payment reference data utility, is SWIFT's unique reference data service. Swift Ref sources data direct from data originators, including central banks, code issuers and banks making it easy for issuers and originators to maintain data regularly and thoroughly. SWIFTRef constantly validates and cross-checks data across the different data sets. SWIFTNet Mail SWIFT offers a secure person-to-person messaging service, SWIFTNet Mail, which went live on 16 May 2007. SWIFT clients can configure their existing email infrastructure to pass email messages through the highly secure and reliable SWIFTNet network instead of the open Internet. SWIFTNet Mail is intended for the secure transfer of sensitive business documents, such as invoices, contracts and signatories, and is designed to replace existing telex and courier services, as well as the transmission of security-sensitive data over the open Internet. Seven financial institutions, including , , , , , and , as well as SWIFT piloted the service. U.S. government involvement Terrorist Finance Tracking Program A series of articles published on 23 June 2006 in , , and the revealed a program, named the , which the , , and other al agencies initiated after the to gain access to the SWIFT transaction database. After the publication of these articles, SWIFT quickly came under pressure for compromising the of its customers by allowing governments to gain access to sensitive personal information. In September 2006, the Belgian government declared that these SWIFT dealings with American governmental authorities were a breach of Belgian and s. In response, and to satisfy members' concerns about privacy, SWIFT began a process of improving its architecture by implementing a distributed architecture with a two-zone model for storing messages (see ). Concurrently, the negotiated an agreement with the to permit the transfer of intra-EU SWIFT transaction information to the United States under certain circumstances. Because of concerns about its potential contents, the adopted a position statement in September 2009, demanding to see the full text of the agreement and asking that it be fully compliant with EU privacy legislation, with oversight mechanisms emplaced to ensure that all data requests were handled appropriately. An interim agreement was signed without European Parliamentary approval by the on 30 November 2009, the day before the —which would have prohibited such an agreement from being signed under the terms of the —formally came into effect. While the interim agreement was scheduled to come into effect on 1 January 2010, the text of the agreement was classified as "EU Restricted" until translations could be provided in all EU languages and published on 25 January 2010. On 11 February 2010, the European Parliament decided to reject the interim agreement between the EU and the US by 378 to 196 votes. One week earlier, the parliament's civil liberties committee had already rejected the deal, citing legal reservations. In March 2011, it was reported that two mechanisms of data protection had failed: released a report complaining that the USA's requests for information had been too vague (making it impossible to make judgments on validity) and that the guaranteed right for European citizens to know whether their information had been accessed by USA authorities had not been put into practice. Sanctions against Iran In January 2012, the advocacy group (UANI) implemented a campaign calling on SWIFT to end all relations with Iran's banking system, including the . UANI asserted that Iran's membership in SWIFT violated U.S. and EU financial sanctions against Iran as well as SWIFT's own corporate rules. Consequently, in February 2012, the unanimously approved sanctions against SWIFT aimed at pressuring the Belgian financial telecommunications network to terminate its ties with blacklisted Iranian banks. Expelling Iranian banks from SWIFT would potentially deny Iran access to billions of dollars in revenue and spending using SWIFT but not from using . , president of UANI, praised the Senate Banking Committee. Initially SWIFT denied it was acting illegally, but now says "it is working with U.S. and European governments to address their concerns that its financial services are being used by Iran to avoid sanctions and conduct illicit business." Targeted banks would be—amongst others— , , and . On 17 March 2012, following agreement two days earlier between all 27 member states of the and the Council's subsequent ruling, SWIFT disconnected all Iranian banks from its international network that had been identified as institutions in breach of current EU sanctions and warned that even more Iranian financial institutions could be disconnected from the network. In February 2016, most Iranian banks reconnected to the network following lift of sanctions on . U.S. control over transactions within the EU On 26 February 2012 the newspaper reported that US authorities have sufficient control over SWIFT to seize money being transferred between two European Union (EU) countries (Denmark and Germany), since they succeeded in seizing around US$26,000 that was being transferred from a Danish businessman to a bank. The transaction was automatically routed through the US, possibly because of the USD currency used in the transaction, which is how the United States was able to seize the funds. The money was a payment for a batch of previously imported to Germany by a German supplier. As justification for the seizure, the stated that the Danish businessman had violated the . Monitoring by the NSA reported in September 2013 that the (NSA) widely monitors banking transactions via SWIFT, as well as credit card transactions. The NSA intercepted and retained data from the SWIFT network used by thousands of banks to securely send transaction information. SWIFT was named as a "target", according to documents leaked by . The documents revealed that the NSA spied on SWIFT using a variety of methods, including reading "SWIFT printer traffic from numerous banks". In April 2017, a group known as the released files allegedly from the NSA which indicate that the agency monitored financial transactions made through SWIFT. Use in sanctions As mentioned above SWIFT had disconnected all Iranian banks from its international network as a . However, as of 2016 Iranian banks which are no longer on international sanctions lists were reconnected to SWIFT. Even though this enables movement of money from and to these Iranian banks, foreign banks remain wary of doing business with the country. Due to primary sanctions, transactions of U.S. banks with Iran or transactions in U.S. dollars with Iran both remained prohibited. Similarly, in August 2014 the UK planned to press the EU to block Russian use of SWIFT as a sanction due to . However, SWIFT refused to do so. In their official statement they said, "SWIFT regrets the pressure, as well as the surrounding media speculation, both of which risk undermining the systemic character of the services that SWIFT provides its customers around the world". , a Russia-based SWIFT equivalent, was created by the Central Bank of Russia as a backup measure. In September 2018 the European Union foreign policy head, , proposed the development of a new "special purpose financial vehicle" intended to bypass SWIFT. The seven founding members of this new system are to be Iran, the European Commission, Germany, France, the UK, Russia and China – but not the United States. The United States, having withdrawn from the – better known as "the Iran Nuclear Deal" – has decreed severe sanctions against any nation trading with Iran. The new payments system is designed to remove certain banking transactions with Iran from the purview of U.S. authorities, and to escape U.S. sanctions against nations trading with Iran. The apparent goal is to encourage Iran to continue to adhere to the terms of the JCPOA, which forbids the testing, development and manufacture of nuclear weapons, even though no claims of breach have been made by any party of the JCPOA except the United States. It could be used to evade other U.S. sanctions, such as those against the German-Russian pipeline project known as . SWIFT has also rejected calls to boycott i banks from its network. Competitors Alternatives to the SWIFT system have emerged, due to advances in cryptographic technology (e.g. blockchains) and the politicization of SWIFT. These include: # - sponsored by the crypto firm # - sponsored by the EU # - sponsored by China # - sponsored by Russia Security In 2016 an $81 million theft from the central bank via its account at the New York was traced to penetration of SWIFT's software, according to a New York Times report. It was not the first such attempt, the society acknowledged, and the security of the transfer system was undergoing new examination accordingly. Soon after the reports of the theft from the Bangladesh central bank, a second, apparently related, attack was reported to have occurred on a commercial bank in Vietnam. Both attacks involved written to both issue unauthorized SWIFT messages and to conceal that the messages had been sent. After the malware sent the SWIFT messages that stole the funds, it deleted the database record of the transfers then took further steps to prevent confirmation messages from revealing the theft. In the Bangladeshi case, the confirmation messages would have appeared on a paper report; the malware altered the paper reports when they were sent to the printer. In the second case, the bank used a PDF report; the malware altered the PDF viewer to hide the transfers. In May 2016, (BDA) in Ecuador sued after Wells Fargo honored $12 million in fund transfer requests that had been placed by thieves. In this case, the thieves sent SWIFT messages that resembled recently canceled transfer requests from BDA, with slightly altered amounts; the reports do not detail how the thieves gained access to send the SWIFT messages. BDA asserts that Wells Fargo should have detected the suspicious SWIFT messages, which were placed outside of normal BDA working hours and were of an unusual size. Wells Fargo claims that BDA is responsible for the loss, as the thieves gained access to the legitimate SWIFT credentials of a BDA employee and sent fully authenticated SWIFT messages. In the first half of 2016, an anonymous Ukrainian bank, with the episode being investigated by , and others—even "dozens" that are not being made public—were variously reported to have been "compromised" through the SWIFT network and to have lost money. References Category:Monetary system